Adam Shostack

It occurred to me recently that I’ve been covering the security industry for just about 10 years. That’s a long time to be doing anything, and especially to be writing about one topic. But it’s hard to think of something that would have been much more interesting to cover this decade, given the huge change in the amount of attention paid to security and the fascinating cast of characters this industry has.

If there’s one key message coming through all of the noise at the RSA Conference this week it’s the fact that there’s a pressing need for more data. Data on attacks, data on vulnerabilities, data on data breaches, data on software security, data on everything having to do with security. The mini-movement that has sprung up around metrics and measurement in security has taken over a lot of the conversation at the conference, with some interesting results.

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.